Don't limit max incoming message size based on c2->frame

"Be conservative in what you send, be liberal in what you accept"

When receiving packets, the real limitation of how much data we can accept
is the size of our internal buffers, not the maximum size we expect
incoming packets to have.

I ran into this while working on cipher negotiation, which will need
separate bookkeeping for the required internal buffer size, and the
link/tun MTU.  Basing this code on the buffer size instead of c2->frame
makes that easier.  A nice side-effect of this change is that it
simplifies the code.

This should also reduce the impact of using asymmetric tun/link MTU's,
such as in trac ticket #647.

Signed-off-by: Steffan Karger <steffan@karger.me>
Acked-by: Arne Schwabe <arne@rfc2549.org>
Acked-by: Gert Doering <gert@greenie.muc.de>
Message-Id: <1465388443-15484-2-git-send-email-steffan@karger.me>
URL: http://article.gmane.org/gmane.network.openvpn.devel/11850
Signed-off-by: Gert Doering <gert@greenie.muc.de>

diff --git a/src/openvpn/forward.c b/src/openvpn/forward.c
index 4a91f9206af55a1c76ac9cc87f0dffbb5443fb6a..2c9a0826fc6ab413073a624db84a3a57bbd64d32 100644 (file)
--- a/src/openvpn/forward.c
+++ b/src/openvpn/forward.c
@@ -669,7 +669,6 @@ read_incoming_link (struct context *c)
 
   status = link_socket_read (c->c2.link_socket,
                             &c->c2.buf,
-                            MAX_RW_SIZE_LINK (&c->c2.frame),
                             &c->c2.from);
 
   if (socket_connection_reset (c->c2.link_socket, status))

diff --git a/src/openvpn/socket.c b/src/openvpn/socket.c
index f7264ef62231929c1cc184378afbead4c03e5cd4..d2872bedf97ee50805a512a8e8c736cafebf08ef 100644 (file)
--- a/src/openvpn/socket.c
+++ b/src/openvpn/socket.c
@@ -2886,7 +2886,6 @@ union openvpn_pktinfo {
 static socklen_t
 link_socket_read_udp_posix_recvmsg (struct link_socket *sock,
                                    struct buffer *buf,
-                                   int maxsize,
                                    struct link_socket_actual *from)
 {
   struct iovec iov;
@@ -2895,7 +2894,7 @@ link_socket_read_udp_posix_recvmsg (struct link_socket *sock,
   socklen_t fromlen = sizeof (from->dest.addr);
 
   iov.iov_base = BPTR (buf);
-  iov.iov_len = maxsize;
+  iov.iov_len = buf_forward_capacity_total (buf);
   mesg.msg_iov = &iov;
   mesg.msg_iovlen = 1;
   mesg.msg_name = &from->dest.addr;
@@ -2954,20 +2953,18 @@ link_socket_read_udp_posix_recvmsg (struct link_socket *sock,
 int
 link_socket_read_udp_posix (struct link_socket *sock,
                            struct buffer *buf,
-                           int maxsize,
                            struct link_socket_actual *from)
 {
   socklen_t fromlen = sizeof (from->dest.addr);
   socklen_t expectedlen = af_addr_size(sock->info.af);
   addr_zero_host(&from->dest);
-  ASSERT (buf_safe (buf, maxsize));
 #if ENABLE_IP_PKTINFO
   /* Both PROTO_UDPv4 and PROTO_UDPv6 */
   if (sock->info.proto == PROTO_UDP && sock->sockflags & SF_USE_IP_PKTINFO)
-    fromlen = link_socket_read_udp_posix_recvmsg (sock, buf, maxsize, from);
+    fromlen = link_socket_read_udp_posix_recvmsg (sock, buf, from);
   else
 #endif
-    buf->len = recvfrom (sock->sd, BPTR (buf), maxsize, 0,
+    buf->len = recvfrom (sock->sd, BPTR (buf), buf_forward_capacity(buf), 0,
                         &from->dest.addr.sa, &fromlen);
   /* FIXME: won't do anything when sock->info.af == AF_UNSPEC */
   if (buf->len >= 0 && expectedlen && fromlen != expectedlen)

diff --git a/src/openvpn/socket.h b/src/openvpn/socket.h
index b154bc021ea171369104dff747f953c4b0048f6e..6f4d34f12a085feebd96695efab7935024637be8 100644 (file)
--- a/src/openvpn/socket.h
+++ b/src/openvpn/socket.h
@@ -961,7 +961,6 @@ link_socket_read_udp_win32 (struct link_socket *sock,
 
 int link_socket_read_udp_posix (struct link_socket *sock,
                                struct buffer *buf,
-                               int maxsize,
                                struct link_socket_actual *from);
 
 #endif
@@ -970,7 +969,6 @@ int link_socket_read_udp_posix (struct link_socket *sock,
 static inline int
 link_socket_read (struct link_socket *sock,
                  struct buffer *buf,
-                 int maxsize,
                  struct link_socket_actual *from)
 {
   if (proto_is_udp(sock->info.proto)) /* unified UDPv4 and UDPv6 */
@@ -980,7 +978,7 @@ link_socket_read (struct link_socket *sock,
 #ifdef WIN32
       res = link_socket_read_udp_win32 (sock, buf, from);
 #else
-      res = link_socket_read_udp_posix (sock, buf, maxsize, from);
+      res = link_socket_read_udp_posix (sock, buf, from);
 #endif
       return res;
     }